preloder

Security for Your Container Based CI/CD Pipeline

Anchore has been designed to plug seamlessly into your container based CI/CD pipeline to add analytics, compliance and governance to your workflow.

How Anchore Fits Into a Jenkins Container Pipeline

A developer commits code into the source code management system. This change triggers Jenkins to start a build which creates a container image. In the typical workflow this container image is then run through automated testing. If an image does not meet your organization’s requirements for security or compliance, the build can be failed, returning the appropriate reports back to the developer to allow the issue to be addressed and avoid unnecessary next steps until tests are passed.

Build

New code is pushed triggering the CI/CD system to build a new container image based off the latest code

Analyze

As part of the build pipeline Anchore analyzes the image storing detailed analysis data that can be queried at a later date

Evaluate

A detailed policy evaluation is then performed and the results are returned to the CI/CD platform

Report

Policy violations can cause the build to fail. Passing policy checks allows the image to continue to the next stage of the build pipeline.

How to Get Started

Get started by heading over to the Jenkins Plugin page and downloading the plugin or read more in our technical docs.

Go to the Jenkins Plugin Page

Head over to the Jenkins plugin page to get Anchore installed and up and running

Read Our Technical Documentation

Read the step by step guide for integrating Anchore into your Jenkins pipeline

Ready to get started?

Download the plugin or contact us for assistance